1015 matches found
AZL-34628 CVE-2016-2781 affecting package coreutils for versions less than 9.4-1
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
DEBIAN-CVE-2016-2781
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
CVE-2016-2781
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
CVE-2016-2781
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
UBUNTU-CVE-2016-2781
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
Buffer overflow
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
CVE-2016-2781
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
CVE-2016-2781
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
CVE-2016-2781
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
CVE-2016-2781
CVE-2016-2781: chroot in GNU coreutils, when used with --userspec, is vulnerable to local privilege escalation via a crafted TIOCSTI ioctl that injects characters into the terminal input buffer, enabling a local user to escape to the parent session. Affected component is chroot in coreutils; root...
The firmware binary code of the simulation and exploit technology-vulnerability warning-the black bar safety net
In a previous article, we introduced a firmware analysis and extraction of the file system method. In this article we will further introduce how to in-depth analysis of firmware binaries, and then use its common security vulnerabilities. In this paper, we will relate to the following as shown in...
[SECURITY] Fedora 23 Update: mock-1.2.21-1.fc23
Mock takes an SRPM and builds it in a chroot...
[SECURITY] Fedora 25 Update: mock-1.2.21-1.fc25
Mock takes an SRPM and builds it in a chroot...
[SECURITY] Fedora 24 Update: mock-1.2.21-1.fc24
Mock takes an SRPM and builds it in a chroot...
[SECURITY] Fedora 23 Update: pbuilder-0.225.2-1.fc23
pbuilder constructs a chroot system, and builds a package inside the chroot. It is an ideal system to use to check that a package has correct build- dependencies...
[SECURITY] Fedora 24 Update: pbuilder-0.225.2-1.fc24
pbuilder constructs a chroot system, and builds a package inside the chroot. It is an ideal system to use to check that a package has correct build- dependencies...
OracleVM 3.3 / 3.4 : openssh (OVMSA-2016-0038)
The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices 1245969 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317816 - SSH2MSGDISCONNECT for user initiate...
SUSE-SU-2015:2292-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.51 to receive various security and bugfixes. Following features were added: - hwrng: Add a driver for the hwrng found in power7+ systems fate315784. Following security bugs were fixed: - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 sta...
Design/Logic Flaw
The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...
CVE-2015-2925
The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...